Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Convergence behavior user identification method and system based on application log

A user identification and user technology, applied in the field of network security, can solve the problems of automatic detection of user convergence behavior and detection technology relying on manual analysis, etc., to achieve the effect of strengthening identification ability building, realizing automatic mining, increasing difficulty and cost

Active Publication Date: 2021-07-23
NANJING SUNING SOFTWARE TECH CO LTD
View PDF2 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0003] The purpose of the present invention is to provide a user identification method and system for convergent behavior based on application logs, which is used to solve the problem that the convergent behavior detection technology based on multiple users in the prior art is highly dependent on manual analysis, and cannot efficiently and automatically detect user convergent behavior question

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Convergence behavior user identification method and system based on application log
  • Convergence behavior user identification method and system based on application log
  • Convergence behavior user identification method and system based on application log

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0051] see figure 1 , a method for identifying users with convergent behavior based on application logs, including:

[0052] Obtain application logs on the real-time computing engine;

[0053]Through multiple aggregations of users in the application log, the similarity index of the user is obtained, and the users whose similarity index does not reach the preset threshold are screened out and marked as users with similar behaviors;

[0054] Send users with similar behaviors to the system cache, and take corresponding restrictive measures for users with similar behaviors according to the system configuration.

[0055] The method for identifying users with convergent behavior based on application logs provided by the present invention aims at the technical shortcomings of the existing processing methods for convergent behavior, and automatically abstracts and quantifies the access behavior of a single user to effectively reflect the profile of a single user's access behavior. B...

Embodiment 2

[0137] An application log-based convergent behavior user identification system, including an application log acquisition module, an aggregation module, and an output module, wherein: the application log acquisition module is used to obtain application logs on a real-time computing engine; The user is aggregated multiple times to obtain the similarity index of the user, and the user whose similarity index does not reach the preset threshold is screened out and marked as a user with similar behavior; the output module is used to transport the user with similar behavior to the system cache, and according to the system configuration Take corresponding restrictive measures for users with similar behaviors.

[0138] The application log-based convergent behavior user identification system provided by the present invention adopts the application log-based convergent behavior user identification method in the first embodiment above to realize automatic convergent behavior group mining, ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a convergence behavior user identification method and system based on an application log. The method comprises the steps of: obtaining the application log on a real-time calculation engine; performing multiple times of aggregation on the users in the application log to obtain similarity indexes of the users, screening out the users of which the similarity indexes do not reach a preset threshold value, and marking the users as convergence behavior users; and transmitting the user with the convergence behavior to a system cache, and taking corresponding limiting measures for the user with the convergence behavior according to system configuration. The system realizes the convergence behavior user identification method based on the application log, not only realizes automatic mining of convergence behavior gangs, but also is effective for medium and low frequency convergence behavior users aiming at the technical shortages existing in the existing convergence behavior processing method, and the difficulty and the cost of malicious confrontation to the system of the convergence behavior gang are increased.

Description

technical field [0001] The invention relates to the technical field of network security, in particular to a method and system for identifying users with similar behaviors based on application logs. Background technique [0002] Malicious network gangs often have a large number of IP resources, and use these IPs to initiate requests to target servers in a concurrent manner to obtain valuable information or achieve other malicious purposes. In response to the above problems, currently commonly used processing methods include flow control, threat intelligence, and individual user behavior analysis. Among them, the flow control method has high real-time performance and can be customized, but it can only identify high-frequency convergence behavior requests. Suppose the system administrator sets a certain interface access frequency to no more than 10TPS, and users exceeding this frequency will be blocked. This makes it easy for malicious network groups to test the critical value...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F11/34G06F16/18G06F16/955G06K9/62
CPCG06F11/3438G06F16/1815G06F16/955G06F18/22
Inventor 刘浩杰李岩张强皇甫道一张昭
Owner NANJING SUNING SOFTWARE TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com